"W2B Online Banking Solutions" brochure
in Adobe Acrobat format

W2B Online Banking Solution

INDUSTRY
Financial Services
OBJECTIVE
Provide integrated multi-channel online banking for retail and corporate banks, with a high degree of customer service personalization
SOLUTION
Online Banking
ARCHITECTS
W2B Ltd




W2B Online Banking: Next-generation, universal front-end banking solution from W2B Ltd, enables local banks in emerging markets, Eastern Europe, CIS and Asia to meet the ever changing challenges from intense competition from western and transnational finance institutions, reduced margins, and increasing customer expectations.
W2B Online Banking: Complete front-to-back-office environment for corporate, retail, and investment banking operations with a highly flexible and scalable modular architecture.
W2B Online Banking: Advance technical specifications of any global internet banking facility and is applicable to all local characteristics of the local/national clients.

The system offers the following:

FEATURES & FUNCTIONALITY



W2B Online Banking provides full service remote management of bank accounts and bank cards. Clients can:
Picture 1 Personal Clients’ menu

ARCHITECTURE



W2B Online Banking software architecture is a stable, high-performance solution with enterprise functionality. The host interface objects achieve real-time integration with back-end systems through links with partner systems and extranets. The front-end architecture enables business functions the ease of defining business functions once, then executing them through multiple customer channels.
W2B Online Banking is a three-tier architecture structure:
  1. User system interface: Simply a web browser. No other installation requirements exist for the banking client.
  2. Application Server: A compact, strong, secure and reliable PHP based enterprise application, PHP is the most popular web development language today. It’s actively promoted by industry leaders such as IBM, Oracle and Hewlett-Packard. PHP is ideally suited for quickly building and deploying web applications that tie together heterogeneous business functions and data from a range of existing systems and applications. PHP provides the ideal balance of simplicity, power, flexibility and accessibility. According to Mark Driver, VP & Research Director of Gartner, “PHP is proving to be lead scripting model for the use in enterprise web development”.
  3. Database Server: Developed with the industry standard ANSI 92 to make it a highly scalable solution, which can be deployed on large scale database engines such as Oracle, MySQL, SyBase and MSSQL
W2B Online Banking can be deployed in several ways:
Centralized: There is one point of the access to a central database for all the bank branches. All business units are concentrated to the bank. The control panel is the same for administrators and bank managers .
Distributed
/inside/:
The system supports both the head office and branches. The main server units (application server, database server), back office and system administrator modules are located in the head office. Each branch retains its own copy of the branch administrator.
Distributed
/outside/:
The Application and Database Servers are installed on the tenanted facilities and network in infrastructure of the Host/Data Center outside of the bank.


OPERATIONS



How to start
  1. User visits the bank website and clicks the online banking link/button
  2. User enters his/her user information into the authorization page
  3. Website establishes secure and encrypted SSL connection using session keys.
Users
W2B Online Banking users are :
1. Clients
   Personal clients
   Corporate clients
2. Bank employees
   System Administrator
   Branch Administrator
   Bank Manager

Client Registration
The registration has 2 stages
  1. Preliminary
  2. Final
During the preliminary registration the client fills personal information form on the registration page and creates open and private keys for further use. Then the client arrives personally to the bank to sign the bank service agreement. After it the administrator makes active the user account.

Registered Client Activity
The registered client can create and analyze multiple financial documents. The list of documents is defined in the Client Service Agreement which is signed by the client and bank.

Client Information and Documents Archiving
All client documents and records are archived according to the client’s requirements and requests. The archive is stored in accordance with the terms outlined in the Client Service Agreement. The client is ensured business process continuity. After the termination of the Client Service Agreement, all client information and financial documents are permanently removed from the system.

Bank Employees Activity
System Administrator (SA): Registers all bank employees and manages user accounts. SA can supervise the entire system using rich reporting and statistics information, which is an available from the SA’s control panel.
Branch Administrator (BA): Administers managers and clients’ user accounts. BA is responsible for assigning a bank manager for each client, managing bank accounts, processing client’s requests/applications concerning all account activity. Interaction commands on the BA’s menu allow the BA to run and schedule document uploading, statement retrieving, synchronization operations as well as man aging bank product lists for their own branch.
Bank Manager (BM): Responsible for the clients’ financial document pro cessing. BM has decision making authority to accept or decline any document signed by the clients. Fur thermore, BM can immediately respond to clients’ requests using integrated mail module. In addition BM can check the correctness of client statements and account activity.
Technical Administrator (TA): Responsible for systems monitoring, support, administration and configuration as well as new design templates integration and system upgrades.

SECURITY



Information security is ensured through comprehensive tools and techniques as same as through comprehensive, protective actions within the network infrastructure, protocols, operation systems.

Security Tools and Techniques
W2B Online Banking offers composite tools and techniques to provide effective security:
Digital Signature: Guarantees authenticity of electronically signed documents and certifies the information was not modified during transmission. In addition the digital signature is used for user authentication. Certified encryption algorithms are used to generate the Digital Signature. W2B Online Banking supports local encrypting algorithms such as Russian digital signature algorithms GOST-1994 and GOST-2001.
Encryption: W2B Online Banking utilizes the latest encryption technologies. Secure transmissions ensure information remains confidential. Encryption technology, such as Secure Socket Layer (SSL), protects data in three key ways:
  1. Ensures the client is communicating with bank intended and prevents another computer from impersonating the bank.
  2. Scrambles transferred data so it cannot be read by unauthorized parties.
  3. Protects data integrity by verifying the client information has not been altered during transmission. The system detects if data was added or deleted after the message is sent. If any tampering has occurred, the connection is dropped.
Session Handling: An additional technique, which heightens user activity even more with basic application server tools. After successful authorization of the user the application server assigns another unique session id. The session tracks and controls all user activity during the session while the user information is available for any critical operation. For example all main SQL requests to retrieve, modify or remove records in the Database, are built using the identity information(User id, Group id, Client type and so on) stored in sessions. This guarantees each user can work only with his/her own information in according with the user policy in the presence of session identifiers.
Logging: Logs all client and bank employee. The client’s IP address, access time, sessions, key identifications and payment details are stored in the log files. W2B Online Banking allows for supervisions of the archives containing the finance documents for possible problem resolution. Each document has its own log history starting with the application.

General Rules of Securing
The software must be installed on the servers, which allows for reliable and uninterrupted work processing. UPS and backup systems are required.
W2B Online Banking servers are located outside the bank/branches’ networks and must interact through gateways between the back-end systems units over SSL protocols using fixed IP addresses. Installation of gateways in the inner segment of the secured network of the bank/branches is required; where the Back-end bank servers are placed. It is very important to tune the OS on the servers which are expecting support of all unused protocols, network services and tools.

GATEWAY FOR INTERACTION WITH THE BACK-END BANKING PACKAGE



The gateway is used for full integration with the back-end bank system. Interaction is real-ized with the help of defined stored procedures and SQL requests, which are addressed to the main bank database via the gateway. Without a doubt, it is the most advanced, efficient and effective method of organizing and managing data exchange with a back-end system. Unlike file exchanges and OLE technology methods, W2B Online Banking does not load back-end servers with the additional processes, because the gateway is actually a peer unit for the database.

The Gateway module runs on a stand alone server in the main bank office networking area, which has private and secure access to the database server of the back-end systems. It receives and interprets requests from W2B Online Banking application server throughout corporate firewall by the secure channel based on CURL+SSL technology.

Data transportation between the application server, gateway and back-office database server is optimized. W2B Online Banking delivers a very compact and high-performance way of data retrieval from back-end bank systems.

Data from arbitrary back-end bank system tables is extracted without substantial programming. The data format is a special serialized array, which is interpreted as XML by the gateway in some particular cases. The gateway is designed to run definitive stored procedures in the database, but it is able to send standard select SQL requests and retrieve response data from the single or multiple database tables in some special cases as well.



The gateway consists of 3 main units of data interaction between W2B Online Bank-ing’s application server and the back-end banking package:
1. Transaction: Imports all types of client payment documents into the bank’s back office. In addition, transaction units support withdrawal of transactions imported recently.
2. Synchronization: Provides synchronization of the document statuses between W2B Online Banking and the back-end banking system. At the same time the synchronization module allows for retrieval of statements and details of the operations from the back-end system.
3. Download: Allows for export of updated reference information such as bank codes, and exchange rates into W2B Online Banking’s data-base server.



“Web to Business” Ltd
Russia & CIS:
15 Leninsky ave., Moscow, Russia
ph: +7 (903) 561 81 51
Email: development@w2b.ru
URL: http://www.w2b.ru
URL: http://www.w2bpm.com